Systems and methods for secure transaction management and electronic rights protection Page 1 of 31 





US5949876:Systems and methods for 
secure transaction management and 
electronic rights protection 

^Jo Image | Expand Details | View Cart | View INPADOC only | Derwent 
Record... 



Add to cart: More choices. 



Inventor(s): 



Applicant(s): 

issued/Filed Dates: 
Application Number: 
IPC Class: 
Class: 

Field of Search: 
Legal Status: 

Abstract: 




Ginter; Karl L. , Beltsville, MD 
Shear; Victor H. , Bethesda, MD 
Spahn; Francis J. , El Cerrito, CA 
Van Wie; David M. , Sunnyvale, CA 

InterTrust Technologies Corporation, Sunnyvale, CA 
News, Profiles . Stocks and More about this comp any 

fept. 7, 1999 /Jan. 8,1997 

If S1 997000778256 

ffp4L 9/32: 

Surrent: 705/080; 705/001; 705/039: 705/054: 
Original: 380/004 ; 380/024 ; 705/039 : 

fts/237,241 380/4,16,49,24 705 /039 



Show legal status actions 




Attorney, Agent, or 



ie present invention provides systems and methods for secure 
transaction management and electronic rights protection. Electronic 
appliances such as computers equipped in accordance with the 
present invention help to ensure that information is accessed and 
used only in authorized ways, and maintain the integrity, availability, 
and/or confidentiality of the information. Such electronic appliances 
provide a distributed virtual distribution environment (VDE) that may 
enforce a secure chain of handling and control, for example, to 
control and/or meter or otherwise monitor use of electronically 
stored or disseminated information. Such a virtual distribution 
environment may be used to protect rights of various participants in 
electronic commerce and other electronic or electronic-facilitated 
transactions. Distributed and other operating systems, environments 
and architectures, such as, for example, those using tamper- 
resistant hardware-based processors, may establish security at 
each node. These techniques may be used to support an all- 
electronic information distribution, for example, utilizing the 
"electronic highway." 

ffixon & Vanderhye P.C.; 



http://www.delphion.com/details?&pn=US05949876 &s_clms=l 



3/5/01 



Systems and methods for secure transaction management and electronic rights protection .. Page 2 of 3 1 



Firm: 

Primary/Assistant 
Examiners: 



Barron, Jr.; Gilberto; 



Related Applications: 



U.S. References 



Application Number 


| ApplDate ||Patent 


lssued||Title| 


US1995000388107 


1995-02-13 




« l 



Family: Show known family members 
■ 

Show the 5 patents that reference this one 



Patent 



US4309569 



US4337483 



US4465901 



US4558176 



US4672572 



US4713753 



US4757534 



US4796181 



US4799156 



US4807288 



US4817140 



US4823264 



US4858121 



US4864494 



Issued 



1 /1982 



6/1982 



8/1984 



12/1985 



Arnold et al. 



6/1987 



Alsberg 



12/1987 



7/1988 



1 /1989 



1 /1989 



2/1989 



3/1989 



4/1989 



8/1989 



9/1989 



Inventor(s) 



Merkle 



Guillou 



Best 



Boebert et al. 



Matyas et al. 



Wiedemer 



Shavit et al. 



Ugon et al. 



Chandra et al. 



Deming 



Barber et al. 



Kobus 



Applicant(s) 

The Board of 
Trustees of the 
Leland Stanford 
Junior University 



Method of providing digital 
sig natures 



Etablissement 
Public de Diffusion 
dit "Telediffusion de 
France" 



Text video-transmission 
system provided with 
means for controlling 
access to the information 



Crypto microprocessor that 
executes enciphere d 
programs 



Computer systems to 



inhib t unauthorized 
co pying, unauthorized 
usage, and automated 
cracking of protected 
software 



Gould Inc. 



Protector system for 
computer access and use 



Honeywell Inc. 



Secure data processin g 
system architecture with 
format control 



International 
Business Machines 
Corporation 



Strategic 
Processing 
Corporation 



C.I.I. Honeywell Bull 



International 
Business Machines 
Corp. 



Medical Payment 
Systems, 
Incorporated 



Computerized Data 
Ssytems for Mfg., 



Title 



Code prote ction using 
cryptography 



Billing system for computer 
software 



Interactive market 
management system 



Microprocessor intended 
particularly for executing 
the calculation algorithms 



of a public code encoding 
system 



Software protection system 



usin g a single-key 
cryptosystem, a hardware- 
based authorization 
s ystem and a secure 
coprocessor 
Electronic funds transfer 



s ystem 



Medical pa yment system 



Software usage 
authorization system with 
key for decry ptinq/re- 
encrypting/re-transmittino 
moving target security 



http://ww.delphion.com/details?&pn=US05949876_&s_clms=l 



3/5/01 



Systems and methods for secure transaction management and electronic rights protection .. Page 3 of 31 









Inc. 


movina taraet security 
codes from protected 
software 


US4868877 


9/1989 


Fischer 




Public kev/sianature 
crvDtosystem with 
enhanced diqital signature 




certification 


US4903296 


2/1990 


Chandra et at. 


International 
Business Machines 
Corporation 


impiemeniing a snareo 
higher level of privilege on 
personal computers for 




copy protection of software 


US4930073 


5/1990 


Cina, Jr. 


International 
Business Machines 
Corporation 


Method to prevent use of 
incorrect program version 




in a computer sysiem 


US4999806 


3/1991 


Chernow et 
al. 




Software distribution 




system 


US5005200 


4/1991 


Fischer 




Public kev/sionature 
cryptosystem with 
enhanced digital signature 




certification 


US5047928 


9 /1 991 


Wiedemer 




Billing system for computer 




software 


US5091966 


2/1992 


Bloomberg et 
al. 


Xerox Corporation 


Adaptive scaling for 
decoding spatially periodic 




self-clocking glyph shape 
codes 


US51 03476 


4/1992 


Waite et al. 




Secure system for 
activating personal 




computer software at 
remote locations 


US5111390 


5/1992 


Ketcham 


Unisys Corporation 


Software security system 
for maintaining integrity of 
compiled object code by 




restricting users ability to 
define compilers 


US51 28525 


7/1992 


Stearns et al. 


Xerox Corporation 


Convolution filtering for 
decoding self-clocking 




glyph shape codes 


US51 36643 


8/1992 


Fischer 




Public/key date-time notary 




facility 


US51 36646 


8/1992 


Haber et al. 


Bell 

Communications 
Research, Inc. 


Digital document time- 
stamping with catenate 




certificate 


US51 36647 


8/1992 


Haber et al. 


Bell 

Communications 
Research, Inc. 


Method for secure time- 
stamping of digital 




documents 


US5146575 


9/1992 


Nolan, Jr. 


International 
Business Machines 
Corp. 


Implementing privilege on 
microprocessor systems 




for use in software asset 
protection 


US51 55680 


10/1992 


Wiedemer 


Signal Security 
Technologies 


Billing system for 




computing software 


US5168147 


12/1992 


Bloomberg 


Xerox Corporation 


Binary image processing 
for decoding self-clocking 




glyph shape codes 


US5185717 


2/1993 


Mori 




Tamper resistant module 
having logical elements 
arranged in multiple layers 




on the outer surface of a 
substrate to protect stored 
information 










Relational database | 



http://www.delphion.com/details?&pn=US05949876 &s_clms=l 



3/5/01 



Systems and methods for secure transaction management and electronic rights protection Page 4 of 3 1 



US5201046 


4/1993 


Goldberg et 
al. 


Xidak, Inc. 


manaaement system and 
method for storing, 
retrieving and modifying 




directed graph data 
structures 


US5201047 


4/1993 


Maki et al. 


International 
Business Machines 
Corporation 


Attribute-based 
classification and retrieval 




system 


US5208748 


5/1993 


Flores et al. 


Action 
Technologies, Inc. 


Method and apparatus for 
structuring and managing 
human communications bv 
explicitly defining the types 




of communications 
permitted between 
participants 


US52 14702 


5/1993 


Fischer 




Public key/signature 
cn/ptosvstem with 
enhanced digital siqnature 




certification 


US5216603 


6/1993 


Flores et al. 


Action 
Technologies, Inc. 


Method and apparatus for 
structuring ano managing 
human communications by 
explicitly defining; the types 




of communications 
permitted between 
participants 


US5221833 


6/1993 


Hecht 


Xerox Corporation 


Methods and means for 
reducing bit error rates in 
readinq self-clockinq glyph 




codes 


US5222134 


6/1993 


Waite et al. 


Tau Svstems 
Corporation 


Secure system for 
activating personal 
computer software at 




remote locations 


US5224160 


6/1993 


Paulini et al. 


Siemens Nixdorf 
Informationssysteme 
AG 


Process for securing and 
for checking the integrity of 




tho cfln iroH nrnnramc 
IMC ocUUIcU piULjldllio 


US5224163 


6/1993 


Gasser et al. 


Digital Equipment 
Corporation 


Method for delegating 
authorization from one 
entity to another through 




the use of session 

onrrv/ntinn l/nuc 

ciiuiypuuri Kcyb 


US5235642 


8 /1993 


Wobber et al. 


Digital Equipment 
Corporation 


Access control subsystem 
and method for distributed 
computer system using 




locally cached 
authentication credentials 


US5245165 


9/1993 


Zhang 


Xerox Corporation 


Self-clocking glyph code 
for encoding dual bit digital 




values robustly 


US5247575 


9/1993 


Sprague et al. 




Information distribution 




ev/ctom 


US5260999 


11 /1993 


Wyman 


Digital Equipment 

Cornnration 


Filters in license 




mananomont c\/cfom 
1 1 icai idLjci i ici ii oyoicin 


US5265164 


11 /1993 


Matyas et al. 


International 
Business Machines 
Corporation 


orypioyrapnic lacuiiy 
environment 
backup/restore and 




replication in a public key 
cryptosystem 


US5276735 


1 /1994 


Boebert et al. 


Secure Computing 
Corporation 


Data enclave and trusted 




path system 


US5280479 


1 /1994 


Mary 


Matra 
Communication 


Device for insertion of 
digital packets in a 



http://vvww.delphion.com/details?&pn=US05949876 &s_clms=l 



3/5/01 



Systems and methods for secure transaction management and electronic rights protection Page 5 of 31 



Communication 



transmission channel 



US5285494 



2/1994 



Sprecher et 
at. 



PacTel Corporation 

International 
Business Machines 
Corporation 



Networ k manageme "nT 
system 



US5301231 



4/1994 



Abraham et 
al. 



User defined function 



facility 



Method and system for 



US53 19705 



6/1994 



Halter et al. 



International 
Business Machines 
Corporation 



multimedia access control 



enablement 



Method and a p paratus for 



US5337360 



8/1994 



Fischer 



creating, supporting, and 



using travelling programs 



US5341429 



8/1994 



Stringer et al. 



TestDrive 
Corporation 



Transformation of 
ephemeral material 



US5343527 



8/1994 



Moore 



International 
Business Machines 
Corporation 



H ybrid enc ry ption method 
and system for protectin g 
reusable software 



components 



US5347579 



9/1994 



Blandford 



Personal computer diary 



US5351293 



9/1994 



Michener et 
al. 



Wave Systems 
Corp. 



System method and 



ap paratus for 
authenticatin g an 



encrypted signal 



System for multilevel 



secure database 



US5355474 



10/1994 



Thuraisngham 
et al. 



management using a 



knowledge base with 



release-based and other 



security constraints for 



guerv, response and 



update modification 



US5365587 



11 /1994 



Campbell et 
al. 



International 
Business Machines 
Corporation 



Self modif ying acces s" 



code for altering 
capabilities 



US5373561 



12/1994 



Haber et al. 



Bell 

Communications 
Research, Inc. 



Meth od of e xtending the 



validity of a cryptographic 



certificate 



US5390247 



2/1995 



Fischer 



Method and apparatus for 



creating, supporting, and 



usin g travelling pro g rams 



Control s ystem and" 



US5390330 



2/1995 



Talati 



method for direct execution 



of software application 



information models without 



code generation 



US5392220 



2/1995 



van den 
Hamer et al. 



U.S. Philips 
Corporation 



Method and system foT 



organizing data 



Method for mappino7 



US5392390 



2/1995 



Crozier 



IntelliLink Corp. 



translating, and 



d ynamicall y reconciling 



data betwee n disparate 



computer platforms 



US5394469 



2/1995 



Nagel et al. 



Infosafe Systems, 
Inc. 



Method and apparatus for 



retrievin g secure 



information from mass 



storag e media 



Com puter s ystem securit y 



US5412717 



5/1995 



Fischer 



method and apparatus 



having program 



authorization information 



data structures 



Compaq Computer 



Method and apparatus for 



http://www.delphion.com/details?&pn=US05949876_(&s_ > clms=l 



3/5/01 



Systems and methods for secure transaction management and electronic rights protection Page 6 of 31 



US5421006 


5/1995 


Jablon 


uompaq uompuier 
oorp. 


assessing intearitv of 




computer system software 


US5422953 


6/1995 


Fischer 




Personal date/time notary 




device 


US5428606 


6/1995 


Moskowitz 




Digital information 




commodities exchange 


US5442645 


8/1995 


Ugon 


Bull CP8 


Method tor checking the 
integrity of a program or 
data, and apparatus for 




implementing this method 


US5444779 


8/1995 


Daniele 


Xerox Corporation 


Electronic coDvriaht royalty 
accounting svstem using 




glyphs 


1 IOC/1 A dQCiC 

Uoo44yoyo 


9/1995 


Hecht et al. 


Xerox Corporation 


Explicit synchronization for 




self-clocking glvph codes 


US5449896 


9/1995 


Hecht et al. 


Xerox Corporation 


Random access 
techniques for use with 




self-clocking glvph codes 


US5450493 




IVICII ICI 


AT&T Torn 


Secure communication 




method and apparatus 


US5453605 


9/1995 


Hecht et al. 


Xerox Corporation 


Global addressability for 




self-clocking glyph codes 


US5455861 


10/1995 


Faucher et al. 


AT&T Corp. 


Secure 




telecommunications 




10/1995 


Russell 


Wang Laboratories, 
Inc. 


Authorization svstem for 
obtaining in single step 
both identification and 
access rights of client to 




server directly from 
encrypted authorization 


US5457746 


10/1995 


Dolphin 


Spyrus, Inc. 


System and method for 
access control for portable 




VJGICI OLUIClljG 1 MGUICI 


US5463565 


10/1995 


Cookson et al. 


Time Warner 

1 II 1 1 W W If till I Iwl 

Entertainment Co., 
L.P. 


Data block format for 
software carrier and player 




therefor 


US5473687 


12/1995 


Lipscomb et 
al. 


Infosafe Systems, 
Inc. 


Method for retrieving 
secure information from a 




database 


US5473692 


12/1995 


Davis 


Intel Corporation 


Rovino software license for 

1 Wf VIIIV^ w %■/ 1 Iff 1 X> 1 1 WWl lUV IWI 




a hardware agent 


US5479509 


12/1995 


Ugon 


Bull CP8 


Method for sianature of an 
information processing file. 




and apparatus for 
implementing it 


US5485622 


1 /1996 


Yamaki 


Kabushiki Kaisha 
Toshiba 


Password processing 




svstem for computer 


US5491800 


2 /1 996 


Goldsmith et 
al. 


Talinpnt \nr 


Object-oriented remote 
orocedure call networkina 

system 


US5497479 


3/1996 


Hornbuckle 


SofTel, Inc. 


Method and apparatus for 
remotely controlling and 
monitoring the use of 




computer software 


US5497491 


3/1996 


Mitchell et al. 


International 
Business Machines 


System and method for 
importing and exoortina 
data between an object 
oriented computing 






environment and an 



http://www.delphion.com/details?&pn=US05949876 &s_clms=l 



3/5/01 



Systems and methods for secure transaction management and electronic rights protection Page 7 of 3 1 









Corporation 


environment and an 
external computina 
environment 


U55499298 


3 /1996 


Narasimhalu 
et al. 


National University 
of Singapore 


Controlled dissemination of 




digital information 


US5504757 


4/1996 


Cook et al. 


International 
Business Machines 
Corporation 


Method for selecting 
transmission speeds for 




transmitting data packets 
over a serial bus 


US5504818 


4/1996 


Okano 




Information Drocessina 
system using error- 




correcting codes and 
crvptographv 


US5504837 


4/1996 


Griffeth et al. 


Bell 

Communications 
Research, Inc. 


Method for resolving 
conflicts among distributed 
entities through the 
generation of counter 




proposals by transversinq 
a goal hierarchy with 
acceptable, unacceptable, 
and indeterminate nodes 


US5508913 


4/1996 


Yamamoto et 
al. 


Fujitsu Limited 


Electronic automatic offer 
matching svstem for 




freezer exchange 
transactions among banks 


uooouyu/u 


4 /1996 


Schuil 


SoftLock Services 
Inc. 


Method for encouraging 
purchase of executable 




and non-executable 
software 


US5513261 


4/1996 


Maher 


AT&T Corp. 


Kev management scheme 
for use with electronic 




cards 


1 IOCGQAOOC 
UO0000235 


6 /1996 


Stefik et al. 


Xerox Corporation 


Interactive contents 




revealing storage device 


US5530752 


6/1996 


Rubin 


UUIIVCa wUIII|JUlt3l 

Corporation 


Svstems and methods for 

r>rntf*ptinn ^nfhA/sirp frnm 

pi ULdslll ILj OUIlWal C IIUIII 




unlicensed copying and 
use 


US5533123 


7/1996 


Force et al. 


National 
Semiconductor 
Corooration 

X^Wl UV/I UllWl 1 


Programmable distributed 




personal security 




7/1996 


Stefik et al. 


Xerox Corporation 


Document processinq 
system utilizing document 
service cards to provide 




document processinq 

^prvirps 


US5537526 


7/1996 


Anderson et 
al. 


Taugent, Inc. 


Method and apparatus for 
processing a display 
document utilizing a 




system level document 
framework 


US5539735 


7/1996 


Moskowitz 




Digital information 
commodities exchanae 


US5539828 


7/1996 


Davis 


Intel Corporation 


Apparatus and method for 
providing secured 




communications 


US5550971 


8/1996 


Brunner et al. 


U S West 
Technologies, Inc. 


Method and svstem for 
oeneratina a user interfarp 

Uwl IVif 1 Ulll IU Uw^l II lid lOvw 

adaptable to various 




database management 
systems 


US5553282 


9/1996 


Parrish et al. 


Taligent, Inc. 


Software project history 
database and method of 



http://www.delphion.com/details?&pn=US05949876 &s_clms=l 3/5/01 



Systems and methods for secure transaction management and electronic rights protection Page 8 of 31 











operation 




10/1996 


Cooper et al. 


International 
Business Machines 
Corporation 


Method and apparatus for 
enabling trial period use of 
software products: method 




and apparatus for passing 
encrypted files between 
data processing systems 


US5568552 


10/1996 


Davis 


Intel Corporation 


Method for providing a 
roving software license 




from one node to another 
node 


US5572673 


11 /1996 


Shurts 


Sybase, Inc. 


Secure multi-level svstem 
for executing stored 




procedures 


US5592549 


1 /1997 


Nagel et al. 


Infosafe Systems, 
Inc. 


Method and apparatus for 
retrieving selected 
information from a secure 




information source 


US5606609 


2/1997 


Houser et al. 


Scientific-Atlanta 


Electronic document 
verification svstem and 




method 


US56 13004 


3/1997 


Cooperman et 
al. 


The Dice Company 


Steganographic method 




and device 

Wil 1 Vl Uw V IWV 


US5621797 


4/1997 


Rosen 


Citibank, N A 


Electronic ticket 
presentation and transfer 




method 


US5629980 


5/1997 


Stefiket al. 


Xerox Corporation 


System for controlling the 
distribution and use of 




riinitfll wnrkQ 

uiy i ici i vv \j i rvo 


US5633932 


5/1997 


Davis et al. 


Intel Corporation 


Apparatus and method for 
preventing disclosure 
through user- 




authentication at a printing 
node 


US5634012 


5/1997 


Stefik et al. 


Xerox Corporation 


Svstem for controlling the 
distribution and use of 




digital works having a fee 

rpnnrtinn m^phsiniQm 

1 CjJUl III i\4 1 1 ICUI ICM IIOl 1 1 


US5636292 


6/1997 


Rhoads 


Digimarc 
Corporation 


Steganography methods 
employing embedded 




ralihratinn riata 
\sQ\iu\ auui i uaLa 


US5638443 


6/1997 


Stefik et ai. 


Xerox Corporation 


System for controlling the 
distribution and use of 




composite digital works 


US5638504 


6/1997 


Scott et al. 


Object Technology 
Licensing Corp. 


System and method of 
processing documents with 




document proxies 


US5640546 


6/1997 


Gopinath et 
al. 


Network Programs, 
Inc. 


Composition of systems of 
objects by interlocking 




coordination, projection, 
and distribution 


US5655077 


8/1997 


Jones et al. 


Microsoft 
Corporation 


Method and system for 
authenticating access to 




Heterogeneous computina 
services 


US5687236 


11 /1997 


Moskowitz et 
al. 


The Dice Company 


Steganographic method 




and device 


US5689587 


11 /1997 


Bender et al. 


Massachusetts 
Institute of 
Technology 


Method and apparatus for 




data hiding in images 


US5692180 


11 /1997 


Lee 


International 
Business Machines 


Object-oriented cell 
director/ database for a 



http://\\'ww.delphion.com/details?&pn=US05949876 &s_clms=l 



3/5/01 



Systems and methods for secure transaction management and electronic rights protection .. Page 9 of 3 1 



US5692180 


11 /1997 


Lee 


Business Machines 
Cornoration 


distributed comDutina 




environment 


US57 10834 


1 /1998 


Rhoads 


Digimarc 
Corporation 


Method and apparatus 
responsive to a code 
signal conveyed through a 




graphic image 


US5740549 


4/1998 


Reilly et al. 


PointCast, Inc. 


Information and advertising 
distribution svstem and 




method 


US5745604 


4/1998 


Rhoads 


Digimarc 
Corporation 


Identification/authentication 
svstem using robust. 




distributed codina 


US5748763 


5/1998 


Rhoads 


Diaimarc 
Corporation 


Image steganooraDhv 
svstem featurinq 
perceptually adaptive and 




globally scalable signal 

ci i iucuuii iy 


US5748783 


5 /1998 


Rhoads 

1 \l 1 wUm V 


Digimarc 
Corporation 


Method and apparatus for 




robust information coding 


US5748960 


5/1998 


Fischer 




Method and apparatus for 
validating travelling object- 




oriented programs with 
digital signatures 


US5754849 


5/1998 


Dyer et al. 


Wayfarer 
Communications, 
Inc. 


Self-describing obiect 
providing dynamic 
manipulation of 
heterogeneous data values 




and semantic identitv 
between memory and 
transmission 
representations 


US5757914 


5/1998 


McManis 


Sun Microsystems, 
Inc. 


Svstem and method for 
protecting use of 




dynamically linked 
executable modules 


US5758152 


5 /1998 


LeTournpau 


Prime Arithmetics, 
Inc. 


Method and apparatus for 
the generation and 




manipulation of data 
structures 


\J\D\J 1 \J\J 1 \J£. 


i /iyyo 


cncKSon 


Trustees of 
Dartmouth College 


System and method for 
managing copyngniea 




electronic media 


US5768426 


6/1998 


Rhoads 


Digimarc 
Corporation 


Graphics processing 
system employing 




embedded code signals 



We claim: 

1 . A method for negotiating electronic contracts, comprising: 

• receiving a first control set from a remote site; 

• providing a second control set; 

• performing, within a protected processing environment, an 
electronic negotiation between said first control set and said 
second control set, including providing interaction between 
said first and second control sets; and 

• producing a negotiated control set resulting from said 
interaction between said first and second control sets. 

2. A system for supporting electronic commerce including: 
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• means for creating a first secure control set at a first location; 

• means for creating a second secure control set at a second 
location; 

• means for securely communicating said first secure control 
set from said first location to said second location; and 

• means at said second location for securely integrating said 
first and second control sets to produce at least a third 
control set comprising plural elements together comprising an 
electronic value chain extended agreement. 

3. A system for supporting electronic commerce including: 

• means for creating a first secure control set at a first location; 

• means for creating a second secure control set at a second 
location; 

• means for securely communicating said first secure control 
set from said first location to said second location; and 

• negotiation means at said second location for negotiating an 
electronic contract through secure execution of at least a 
portion of said first and second secure control sets. 

4. A system as in claim 3 further including means for controlling 
use by a user of protected information content based on at least a 
portion of said first and/or second control sets. 

5. A system as in claim 3 further including means for charging for 
at least a part of said content use. 

6. A system for negotiating electronic contracts, comprising: 

• a storage arrangement that stores a first control set received 
from a remote site, and stores a second control set; 

• a protected processing environment, coupled to said storage 
arrangement, that: 

• (a) performs an electronic negotiation between said first 
control set and said second control set, 

• (b) provides interaction between said first and second control 
sets, and 

• (c) produces a negotiated control set resulting from said 
interaction between said first and second control sets. 

7. A system as in claim 6 further including means for 
electronically enforcing said negotiated control set. 

8. A system as in claim 6 further including means for generating 
an electronic contract based on said negotiated control set. 

9. A method for supporting electronic commerce including: 

• creating a first secure control set at a first location; 

• creating a second secure control set at a second location; 

• securely communicating said first secure control set from 
said first location to said second location; and 

• electronically negotiating, at said second location, an 
electronic contract, including the step of securely executing at 
least a portion of said first and second secure control sets. 

10. A method as in claim.! ' n which said steps of receiving, 
providing, performing and producing occur within a Virtual 
Distribution Environment. 

1 1 . A system as in claim 2 in which said first location and said 
second location are contained within a Virtual Distribution 
Environment. 

12. A system as in claim 3 in which said first location and said 
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second location are contained within a Virtual Distribution 
Environment. 

13. A system as in claim 6 in which said protected processing 
environment is contained within a Virtual Distribution Environment. 

14. A method as in claim 9 in which said first location and said 
second location are contained within a Virtual Distribution 
Environment. 

15. A method as in claim 1 in which said first control set is 
received from a first remote site; 

• said second control set is received from a second remote 
site; and 

• said performing step is produced at a third site which is 
different from the first remote site and the second remote site. 

16. A system as in claim 6 in which said second control set is 
received from a second remote site; and 

• said protected processing environment is located at a third 
site which is different from said remote site and said second 
remote site. 

17. A method as in claim 1 in which: 

• said first control set is generated by or for a first party 
distributor of protected information content; 

• said second control set is generated by or for a second party 
which desires to use said protected information content; 

• said electronic negotiation concerns the terms under which 
said second party will obtain the right to use said protected 
information content; and 

• said negotiated control set includes terms under which said 
second party receives the right to use said protected 
information content. 

18. A system as in claim 2 in which: 

• said first secure control set includes controls generated at 
least in part by or for a first party distributor of protected 
information content; 

• said second secure control set includes controls generated at 
least in part by or for a second party which desires to use 
said protected information content; and 

• said third control set includes controls which govern terms 
under which said second party receives the right to use said 
protected information content. 

19. A system as in cla im 3 in which: 

• said first secure control set includes controls generated at 
least in part by or for a first party distributor of protected 
information content; 

• said second secure control set includes controls generated at 
least in part by or for a second party which desires to use 
said protected information content; and 

• said electronic contract includes controls which govern terms 
under which said second party receives the right to use said 
protected information content. 

20. A system as in c laim 6 in which: 
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• said first control set includes controls generated at least in 
part by or for a first party distributor of protected information 
content; 

• said second control set includes controls generated at least in 
part by or for a second party which desires to use said 
protected information content; and 

• said negotiated control set includes controls which govern 
terms under which said second party receives the right to use 
said protected information content. 

21 . A method as in claim 9 in which 



• said first secure control set includes controls generated at 
least in part by or for a first party distributor of protected 
information content; 

• said second secure control set includes controls generated at 
least in part by or for a second party which desires to use 
said protected information content; and 

• said electronic contract includes controls which govern terms 
under which said second party receives the right to use said 
protected information content. 

22. A method as in claim 1 in which said first control set includes 
terms which are desired but hot required. 

23. A method as in claim 1 in which said first control set includes 
required terms. 

24. A method as in clai m 2 in which said first control set includes 
required terms. 

25. A method as in claim 1 in which said second control set 
includes required terms. 

26. A method as in claim 1 in which said second control set 
includes terms which are desired but not required. 

27. A method as in claim 26 in which said second control set 
includes required terms. 

28. A system as in claim 2 in which said first secure control set 
includes terms which are desired but not required. 

29. A system as in claim 2 in which said first secure control set 
includes required terms. 

30. A system as in claim 28 in which said first secure control set 
includes required terms. 

31 . A system as in claim 2 in which said second secure control 
set includes terms which are desired but not required. 

32. A system as in claim 2 in which said second secure control 
set includes required terms. 

33. A system as in claim 31 in which said second secure control 
set includes required terms. 

34. A system as in claim3 in which said first secure control set 
includes terms which are desired but not required. 

35. A system as in claim 3 in which said first secure control set 
includes required terms. 

36. A system as in claim 34 in which said first secure control set 
includes required terms. 

37. A system as in claim 3 in which said second secure control 
set includes terms which are desired but not required. 

38. A system as in clajm3 in which said second secure control 
set includes required terms. 

39. A system as in claim 38 in which said second secure control 
set includes required terms. 

40. A system as in claim6 in which said first control set includes 
terms which are desired but not required. 

41 . A system as in claim 6 in which said first control set includes 
required terms. 

42. A system as in cteim.4Q in which said first control set includes 
required terms. 
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43. A system as in c laim 6 in which said second control set 
includes terms which are desired but not required. 

44. A system as in claim 6 in which said second control set 
includes required terms. 

45. A system as in claim 43 in which said second control set 
includes required terms. 

46. A method as in claim 9 in which said first secure control set 
includes terms which are desired but not required. 

47. A method as in cl aim 9 in which said first secure control set 
includes required terms. 

48. A method as in 46 in which said first secure control set 
includes required terms. 

49. A method as in 9 in which said second secure control set 
includes terms which are desired but not required. 

50. A method as in claim 9 in which said second secure control 
set includes required terms. 

51 . A method as in claim 49 in which said second secure control 
set includes required terms. 

52. A method as in cla im 1 in which said first control set is 
contained in a first PERC. 

53. A method as in cl aim 52 in which said second control set is 
contained in a second PERC. 

54. A method as in claim 1 in which said negotiated control set is 
contained in a PERC. 

55. A method as in claim J. in which said electronic negotiation is 
undertaken pursuant to rules contained in a third control set. 

56. A method as in clajm 2 in which said third control set is 
contained in a PERC. 

57. A system as in claim_2 in which said first secure control set is 
contained in a first PERC. 

58. A system as in claim 57 in which said second secure control 
set is contained in a second PERC. 

59. A system as in claim 58 in which said third control set is 
contained in a third PERC. 

60. A system as in clai m 2 in which said means for securely 
integrating said first and "se"cond control sets includes a fourth 
control set. 

61 . A system as in claim 60 in which said fourth control set 
includes controls which govern said secure integration. 

62. A system as in claim 60 in which said fourth control set is 
contained in a PERC. 

63. A system as in claim 3 in which said first secure control set is 
contained in a PERC. 

64. A system as in claim 3 in which said second secure control 
set is contained in a PERC. 

65. A system as in claim 64 in which said negotiation means 
includes a third secure control set. 

66. A system as in claim 65 in which said third secure control set 
is contained in a PERC. 

67. A system as in claim 66 in which said third secure control set 
includes controls which govern said negotiating of said electronic 
contract. 

68. A system as in claim 66 in which said electronic contract 
consists of a fourth secure control set. 

69. A system as in claim 68 in which said fourth secure control set 
is contained in a PERC. 

70. A system as in cJaimjB in which said first control set is 
contained in a PERC. 

71. A system as in cl aim 70 in which said second control set is 
contained in a PERC. 

72. A system as in cl aim 71 in which said protected processing 
environment contains a third control set. 

73. A system as in claim 72 in which said third control set is 
contained in a PERC. 

74. A system as in claim 72 in which said third control set 
includes controls which govern said electronic negotiation. 

75. A system as in cl aim 70 in which said negotiated control set is 
contained in a PERC. 
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76. A method as in c l aim 9 in which said first secure control set is 
contained in a PERC. 

77. A method as in cl aim 9 in which said second secure control 
set is contained in a PERC. 

78. A method as in claim 9 in which said second location contains 
a third secure control set. 

79. A method as in c laim 78 in which said third secure control set 
is contained in a PERC. 

80. A method as in claim 78 in which said third secure control set 
contains controls which govern, at least in part, said step of 
electronically negotiating an electronic contract. 

81 . A method as in claim 78 in which said electronic contract 
consists of a fourth secure control set. 

82. A method as in claim 81 in which said fourth secure control 
set is contained in a PERC. 

83. A method as in claim 1 in which said first control set is made 
up of controls from at least a first and a second alternate groups of 
controls. 

84. A method as in claim 83 in which said first alternate group of 
controls includes controls which are shared with said second 
alternate group of controls and controls which are not shared with 
said second alternate group of controls. 

85. A method as in claim 84 in which said second control set is 
made up of controls from at least a third and a fourth alternate group 
of controls. 

86. A method as in claim 85 in which said third alternate group of 
controls includes controls which are shared with said fourth alternate 
group of controls and controls which are not shared with said fourth 
alternate group of controls. 

87. A method as in claim 83 in which said interaction between 
said first and second coinitroi sets includes a step wherein at least 
one of the alternate groups of controls from said first control set is 
selected. 

88. A method as in claim 85 in which said interaction between 
said first and second control sets includes a step wherein at least 
one of the alternate groups of controls from said second control set 
is selected. 

89. A system as in claim 2 in which said first secure control set is 
made up of controls from at least two alternate groups of controls. 

90. A system as in claim 89 in which said at least two alternate 
groups of controls include controls which are uniquely in one of said 
groups, and shared controls which are present in more than one of 
said groups. 

91 . A system as in claim 2 in which said second secure control 
set is made up of controls from at least two alternate groups of 
controls. 

92. A system as in claim 91 in which said at least two alternate 
groups of controls making up said second control set include 
controls which are uniquely in one of said groups, and shared 
controls which are present in more than one of said groups. 

93. A system as in c laim 8 9 in which said means at said second 
location for securely integrating said first and second control sets 
includes means for selecting at least one of the alternate groups of 
controls from said first secure control set. 

94. A system as in cla im 91 in which said means at said second 
location for securely integrating said first and second control sets 
includes means for selecting at least one of the alternate groups of 
controls from said second secure control set. 

95. A system as in claim 3 in which said first secure control set is 
made up of controls from at least two alternate groups of controls. 

96. A system as in c laim 95 in which said at least two alternate 
groups of controls include controls which are uniquely in one of said 
groups, and shared controls which are present in more than one of 
said groups. 

97. A system as in claim 3 in which said second secure control 
set is made up of controls from at least two alternate groups of 
controls. 

98. A system as in claim 97 in which said at least two alternate 
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groups of controls making up said second secure control set include 
controls which are uniquely in one of said groups, and shared 
controls which are present in more than one of said groups. 

99. A system as in claim 95 in which said negotiation means 
includes means for selecting at least one of the alternate groups of 
controls from said first secure control set. 

100. A system as in claim 97 in which said negotiation means 
includes means for selecting at least one of the alternate groups of 
controls from said second secure control set. 

101 . A system as in clajmJJ in which said first control set is made 
up of controls from at least two alternate groups of controls. 

102. A system as in claim 101 in which said at least two alternate 
groups of controls include controls which are uniquely in one of said 
groups, and shared controls which are present in more than one of 
said groups. 

103. A system as in claim 6 in which said second control set is 
made up of controls from at least two alternate groups of controls. 

104. A system as in claim 103 in which said at least two alternate 
groups of controls making up said second control set include 
controls which are uniquely in one of said groups, and shared 
controls which are present in more than one of said groups. 

105. A system as in claim 6 in which said protected processing 
environment selects at least one of the alternate groups of controls 
from said first control set. 

106. A system as in claim 8 in which said protected processing 
environment selects at least one of the alternate groups of controls 
from said second control set. 

107. A method as in claim 9 in which said first secure control set 
is made up of controls from at least two alternate groups of controls. 

108. A method as in claim 107 in which said at least two alternate 
groups of controls include controls which are uniquely in one of said 
groups, and shared controls which are present in more than one of 
said groups. 

109. A method as in clai m 9 in which said second secure control 
set is made up of controls from at least two alternate groups of 
controls. 

1 10. A method as in claim 109 in which said at least two alternate 
groups of controls making up said second secure control set include 
controls which are uniquely in one of said groups, and shared 
controls which are present in more than one of said groups. 

1 1 1 . A method as in claim J 07 in which said step of electronically 
negotiating includes a step of selecting at least one of the alternate 
groups of controls from said first secure control set. 

1 12. A method as in c laim 109 in which said step of electronically 
negotiating includes a step of selecting at least one of the alternate 
groups of controls from said second secure control set. 

1 13. A method as in claim 1 in which said first control set, said 
second control set or said negotiated control set includes a 
REGISTER control. 

1 14. A method as in claim 1 in which said first control set, said 
second control set or said negotiated control set includes a WANT 
control. 

1 15. A method as in darn 1 in which said first control set, said 
second control set or said negotiated control set includes a 
REQUIRE control. 

1 16. A system as in claim 2 in which said first secure control set, 
said second secure control set or said third control set includes an 
ACCEPT control. 

1 17. A system as in claim 2 in which said first secure control set, 
said second secure control set or said third control set includes a 
REJECT control. 

1 18. A system as in claim 2 in which said first secure control set, 
said second secure control set or said third control set includes an 
OFFER control. 

1 19. A system as in claim 3 in which said first secure control set, 
said second secure control set, or said electronic contract includes a 
HAVE control. 



http://\vw.delphion.com/details?&pn=US05949876_&s_clms=l 



3/5/01 



Systems and methods for secure transaction management and electronic rights protection Page 16 of 31 



120. A system as in claim 3 in which said first secure control set, 
said second secure control set, or said electronic contract includes a 
QUIT control. 

121. A system as in claim 1 in which said first secure control set, 
said second secure control set or said electronic contract includes 
an AGREEMENT control. 

122. A system as in cl aim 6 in which said first control set or said 
second set includes a WANT control and a REQUIRE control. 

123. A system as in claim 6 in which said first control set or said 
second set includes a REGISTER control and a WANT control. 

124. A system as in claim 6 in which said negotiated control set 
includes an AGREEMENT control. 

125. A method as in claim 9 in which said first secure control set 
includes a REGISTER controi and an OFFER control. 

126. A method as in claim 9 in which said second secure control 
set includes an OFFER control and a HAVE control. 

127. A method as in claim 9 in which said electronic contract 
includes a REGISTER controi and an AGREEMENT control. 

128. A method as in claim 1 further including the step of executing 
said negotiated control set within said protected processing 
environment. 

129. A method as in cl a i m 1 28 further including the step of 
executing said negotiated control set within a second protected 
processing environment which is different from the protected 
processing environment within which said performing step occurs. 

130. A system as in dajm.2 further including means for executing 
said third control set within a protected processing environment. 

131. A system as in claim 130 in which said protected processing 
environment is located at said second location. 

132. A system as in claim 130 in which said protected processing 
environment is located at a location other than said second location. 

133. A system as in cl a im 3 further including means for executing 
said electronic contract within a protected processing environment. 

134. A system as in cjajm 133 in which said protected processing 
environment is located at said second location. 

135. A system as in c la i m 13 3 in which said protected processing 
environment is located at a location other than said second location. 

136. A system as in claim 6 in which said negotiated control set is 
executed in said protected processing environment. 

137. A system as in claim 6 in which said negotiated control set is 
executed in a second protected processing environment. 

1 38. A method as in claim 9 further including the step of executing 
said electronic contract. 

139. A method as in cjajm 138 in which said step of executing 
said electronic contract occurs in a protected processing 
environment. 

140. A method as in c laim 139 in which said protected processing 
environment is located at said second location. 

141 . A method as in cl aim 138 in which said protected processing 
environment is located at a location other than said second location. 

142. A method as in clai m 1 in which said negotiated control set is 
digitally signed. 

143. A method as in claim 1 in which said negotiated control set is 
digitally signed by said first control set. 

144. A method as in cjajm J 43 in which said negotiated control 
set is digitally signed by said second control set. 

145. A method as in claim 1 in which said negotiated control set is 
digitally signed by a control set which carries out said electronic 
negotiation. 

146. A method as in claim 14 2 in which said digital signing is 
done through public key encryption. 

147. A system as in cl aim 142 further including means for digitally 
signing said third control set. 

148. A system as in c laim 147 in which said means for digitally 
signing said third controi set includes means for allowing said first 
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secure control set to carry out said digital signing. 

149. A system as in claim 147 in which said means for digitally 
signing said third control set includes means for allowing said 
second secure control set to carry out said digital signing. 

150. A system as in claim 3 further including means for digitally 
signing said electronic contract. 

151 . A system as in claim 150 in which said means for digitally 
signing said electronic contract includes means for allowing said first 
secure control set to carry out said digitally signing. 

152. A system as in claim 15 0 in which said means for digitally 
signing said electronic contract includes means for allowing said 
second secure control set to carry out said digitally signing. 

153. A system as in claim 6 in which said protected processing 
environment digitally signs said negotiated control set. 

154. A system as in claim 153 in which said protected processing 
environment digitally signs saicTnegotiated control set using a digital 
signature created or supplied by said first control set. 

155. A system as in daJiLl53 in which said protected processing 
environment digitally signs said negotiated control set using a digital 
signature created or supplied by said second control set. 

156. A method as in claim 9 further including digitally signing said 
electronic contract. 

157. A method as in claim 156 in which said step of digitally 
signing said electronic contract is carried out using a digital 
signature created or supplied at least in part by said first secure 
control set. 

158. A method as in claim 156 in which said step of digitally 
signing said electronic contract is carried out using a digital 
signature created or supplied at least in part by said second secure 
control set. 

159. A method as in claim 1 in which said negotiated control set 
includes controls containing human-language terms corresponding 
to at least certain of the machine-executable controls contained in 
said negotiated control set. 

160. A method as in claim 159 in which said human-language 
terms are contained in one or more data descriptor data structures. 

161 . A system as in claim 2 in which said third control set 
includes controls containing human-language terms corresponding 
to at least certain of the machine-executable controls contained in 

said third control set. 

162. A method as in claim 161 in which said human-language 
terms are contained in one or more data descriptor data structures. 

163. A system as in cl aim 3 in which said electronic contract 
includes controls containing human-language terms corresponding 
to at least certain of the machine-executable controls contained in 
said electronic contract. 

164. A method as in claim 163 in which said human-language 
terms are contained in one or more data descriptor data structures. 

165. A system as in claim 6 in which said negotiated control set 
includes controls containing human-language terms corresponding 
to at least certain of the machine-executable controls contained in 
said negotiated control set. 

166. A method as in cl aim 165 in which said human-language 
terms are contained in one or more data descriptor data structures. 

167. A method as in claim 9 in which said electronic contract 
includes controls containing human-language terms corresponding 
to at least certain of the machine-executable controls contained in 
said electronic contract. 

168. A method as in claim 167 in which said human-language 
terms are contained in one or more data descriptor data structures. 

169. A method as in claim 1 in which said remote site contains a 
second protected processing environment. 

170. A system as in claim 2 in which said means for creating a 
first secure control set includes a protected processing environment. 

171 . A system as in claim 2 in which said means for creating a 
second secure control set includes a protected processing 
environment. 
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172. A system as in claim 2 in which said means at said second 
location for securely integrating includes a protected processing 
environment. 

1 73. A system as in claim 3 in which said means for creating a 
first secure control set includes a protected processing environment. 

1 74. A system as in claim 3 in which said means for creating a 
second secure control set includes a protected processing 
environment. 

175. A system as in claim 3 in which said negotiation means 
includes a protected processing environment. 

176. A method as in claim 9 in which said first location includes a 
protected processing environment. 

177. A method as in claim 9 in which said second location 
includes a protected processing environment. 

178. A method as in claim 1 in which said first protected 
processing environment contains a first secure processing unit. 

179. A method as in claim J78 in which said steps of performing 
and producing are carried out, at least in part, by said first secure 
processing unit. 

180. A method as in claim 178 in which said second protected 
processing environment contains a second secure processing unit. 

181. A system as in c laim 2 in which said means for creating a 
first secure control set includes a first secure processing unit. 

182. A system as in c lai m 181 in which said means for creating a 
second secure control set includes a second secure processing unit. 

1 83. A system as in claim 182 in which said means at said 
second location for securely integrating includes said second secure 
processing unit. 

184. A system as in claim 3 in which said means for creating a 
first secure control set includes a secure processing unit. 

185. A system as in claim 3 in which said means for creating a 
second secure control set includes a secure processing unit. 

186. A system as in claim 3 in which said negotiating means 
includes a secure processing unit. 

187. A system as in c laim 6 in which said protected processing 
environment includes a secure processing unit. 

188. A method as in claim 9 in which said first location contains a 
secure processing unit. 

189. A method as in cl aim 188 in which said second location 
contains a second secure processing unit. 

190. A method as in claim 189 in which said step of securely 
executing at least a portion of said first and second secure control 
sets is performed at least in part using said second secure 
processing unit. 

191 . A method as in claim 1 in which said protected processing 
environment contains a software based tamper resistant barrier. 

192. A method as in claim 191 in which said steps of performing 
and producing are carried but, at least in part, within said software 
based tamper resistant barrier. 

193. A method as in claim 169 in which said first protected 
processing environment contains a first software based tamper 
resistant barrier. 

194. A method as in claim 193 in which said second protected 
processing environment contains a second software based tamper 
resistant barrier. 

195. A system as in claim 2 in which said first location contains a 
first software based tamper resistant barrier. 

196. A system as in claim 195 in which said second location 
contains a second software based tamper resistant barrier. 

197. A system as in claim 3 in which said first location contains a 
first software based tamper resistant barrier. 

198. A system as in claim 3 in which said second location 
contains a second software based tamper resistant barrier. 

199. A system as in claim 6 in which said protected processing 
environment includes a software based tamper resistant barrier. 

200. A method as in claim 9 in which said first location contains a 
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first software based tamper resistant barrier. 

201 . A method as in claim 200 in which said second location 
contains a second software based tamper resistant barrier. 

202. A method as in claim 1 in which said first control set 
represents a negotiating position of a first party. 

203. A method as in claim 202 in which said first party is a 
clearinghouse. 

204. A method as in claim 202 in which said first party is a 
content provider. 

205. A method as in claim 202 in which said first party is a 
content distributor. 

206. A method as in claim 202 in which said first party is a 
content user. 

207. A method as in cJaim^Q? in which said second control set 
represents a negotiating position of a second party. 

208. A method as in claim 207 in which said second party is a 
clearinghouse. 

209. A method as in c]ajmL207 in which said second party is a 
content provider. 

210. A method as in claim 207 in which said second party is a 
content distributor. 

21 1 . A method as in claim 207 in which said second party is a 
content user. 

212. A system as in claim 2 in which said first secure control set 
represents a negotiating position of a first party. 

213. A system as in claim .212 in which said first party is a 
clearinghouse. 

214. A system as in claim 212 in which said first party is a content 
provider. 

215. A system as in cMni212 in which said first party is a content 
distributor. 

216. A system as in claim 212 in which said first party is a content 
user. 

217. A system as in dajmJ212 in which said second control set 
represents a negotiating position of a second party. 

218. A method as in claim 217 in which said second party is a 
clearinghouse. 

219. A method as in claim 217 in which said second party is a 
content provider. 

220. A method as in claim 217 in which said second party is a 
content distributor. 

221 . A method as in claim 217 in which said second party is a 
content user. 

222. A system as in claim 3 in which said first secure control set 
represents a negotiating position of a first party. 

223. A system as in claim 222 in which said first party is a 
clearinghouse. 

224. A system as in claim 222 in which said first party is a content 
provider. 

225. A system as in claim 222 in which said first party is a content 
distributor. 

226. A system as in claim 222 in which said first party is a content 
user. 

227. A system as in claim 222 in which said second control set 
represents a negotiating position of a second party. 

228. A method as in claim 227 in which said second party is a 
clearinghouse. 

229. A method as in claim,227 in which said second party is a 
content provider. 

230. A method as in claim 227 in which said second party is a 
content distributor. 

231 . A method as in cjaim 227 in which said second party is a 
content user. 

232. A system as in claim 6 in which said first control set 
represents a negotiating position of a first party. 

233. A system as in claim 232 in which said first party is a 
clearinghouse. 

234. A system as in claim 232 in which said first party is a content 
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provider. 

235. A system as in clairrL232 in which said first party is a content 
distributor. 

236. A system as in claim 232 in which said first party is a content 
user. 

237. A system as in claim 232 in which said second control set 
represents a negotiating position of a second party. 

238. A method as in claim 237 in which said second party is a 
clearinghouse. 

239. A method as in claim 237 in which said second party is a 
content provider. 

240. A method as in claim 237 in which said second party is a 
content distributor. 

241 . A method as in claim 237 in which said second party is a 
content user. 

242. A method as in claim 9 in which said first secure control set 
represents a negotiating position of a first party. 

243. A method as in claim 242 in which said first party is a 
clearinghouse. 

244. A method as in claim 242 in which said first party is a 
content provider. 

245. A method as in c lai m 2 42 in which said first party is a 
content distributor. 

246. A method as in claim 242 in which said first party is a 
content user. 

247. A method as in claim 242 in which said second control set 
represents a negotiating position of a second party. 

248. A method as in claim 247 in which said second party is a 
clearinghouse. 

249. A method as in claim 2 47 in which said second party is a 
content provider. 

250. A method as in claim 247 in which said second party is a 
content distributor. 

251 . A method as in claim 247 in which said second party is a 
content user. 

252. A method as in claim 1 in which said first control set contains 
controls governing the type of payment mechanism to be used for a 
transaction. 

253. A method as in claim 1 in which said first control set contains 
controls governing the price to be used for a transaction. 

254. A method as in cl a i m 1 in which said first control set contains 
controls governing the auditing method to be used for a transaction. 

255. A method as in c laim 1 in which said first control set contains 
controls governing the identity of the clearinghouse to be used for a 
transaction. 

256. A method as in clajmJL in which said first control set contains 
controls governing the information to be disclosed in a transaction. 

257. A method as in claim 1 in which said second control set 
contains controls governing the type of payment mechanism to be 
used for a transaction. 

258. A method as in claim 1 in which said second control set 
contains controls governing the price to be used for a transaction. 

259. A method as in claim 1 in which said second control set 
contains controls governing the auditing method to be used for a 
transaction. 

260. A method as in claim 1 in which said second control set 
contains controls governing the identity of the clearinghouse to be 
used for a transaction. 

261 . A method as in claim 1 in which said second control set 
contains controls governing the information to be disclosed in a 
transaction. 

262. A method as in claim J. in which said negotiated control set 
contains controls governing the type of payment mechanism to be 
used for a transaction. 

263. A method as in claim 1 in which said negotiated control set 
contains controls governing the price to be used for a transaction. 

264. A method as in claim 1 in which said negotiated control set 
contains controls governing the auditing method to be used for a 
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transaction. 

265. A method as in claim 1 in which said negotiated control set 
contains controls governing the identity of the clearinghouse to be 
used for a transaction. 

266. A method as in claim 1 in which said negotiated control set 
contains controls governing the information to be disclosed in a 
transaction. 

267. A system as in claim 2 in which said first secure control set 
contains controls governing the type of payment mechanism to be 
used for a transaction. 

268. A system as in cl aim 2 in which said first secure control set 
contains controls governing the price to be used for a transaction. 

269. A system as in cl aim 2 in which said first secure control set 
contains controls governing the auditing method to be used for a 
transaction. 

270. A system as in claim 2 in which said first secure control set 
contains controls governing the identity of the clearinghouse to be 
used for a transaction. 

271 . A system as in claim 2 in which said first secure control set 
contains controls governing the information to be disclosed in a 
transaction. 

272. A system as in claim 2 in which said second secure control 
set contains controls governing the type of payment mechanism to 
be used for a transaction. 

273. A system as in clai m 2 in which said second secure control 
set contains controls governing the price to be used for a 
transaction. 

274. A system as in claim 2 in which said second secure control 
set contains controls governing the auditing method to be used for a 
transaction. 

275. A system as in claim 2 in which said second secure control 
set contains controls governing the identity of the clearinghouse to 
be used for a transaction. 

276. A system as in claim 2 in which said second secure control 
set contains controls governing the information to be disclosed in a 
transaction. 

277. A system as in cla i m 2 in which said third control set 
contains controls governing the type of payment mechanism to be 
used for a transaction. 

278. A system as in claim 2 in which said third control set 
contains controls governing the price to be used for a transaction. 

279. A system as in claim 2 in which said third control set 
contains controls governing the auditing method to be used for a 
transaction. 

280. A system as in claim 2 in which said third control set 
contains governing the identity of the clearinghouse to be used for a 
transaction. 

281 . A system as in claim 2 in which said third control set 
contains controls governing the information to be disclosed in a 
transaction. 

282. A system as in claim 3 in which said first secure control set 
contains controls governing the type of payment mechanism to be 
used for a transaction. 

283. A system as in claim 3 in which said first secure control set 
contains controls governing the price to be used for a transaction. 

284. A system as in claim 3 in which said first secure control set 
contains controls governing the auditing method to be used for a 
transaction. 

285. A system as in claim 3 in which said first secure control set 
contains controls governing the identity of the clearinghouse to be 
used for a transaction. 

286. A system as in claim 3 in which said first secure control set 
contains controls governing the information to be disclosed in a 
transaction. 

287. A system as in cl ai m 3 in which said second secure control 
set contains controls the type of payment mechanism to be used for 
a transaction. 

288. A system as in claim 2 in which said second secure control 
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set contains controls governing the price to be used for a 
transaction. 

289. A system as in claim 2 in which said second secure control 
set contains controls governing the auditing method to be used for a 
transaction. 

290. A system as in claim .2 in which said second secure control 
set contains controls governing the identity of the clearinghouse to 
be used for a transaction. 

291 . A system as in claim 2 in which said second secure control 
set contains controls governing the information to be disclosed in a 
transaction. 

292. A system as in claim 2 in which said electronic contract 
contains controls governing the type of payment mechanism to be 
used for a transaction. 

293. A system as in claim 2 in which said electronic contract 
contains controls governing the price to be used for a transaction. 

294. A system as in cl aim 2 in which said electronic contract 
contains controls governing the auditing method to be used for a 
transaction. 

295. A system as in claim 3 in which said electronic contract 
contains controls governing the identity of the clearinghouse to be 
used for a transaction. 

296. A system as in claim 3 in which said electronic contract 
contains controls governing the information to be disclosed in a 
transaction. 

297. A system as in claim 6 in which said first control set contains 
controls the type of payment mechanism to be used for a 
transaction. 

298. A system as in cl aim 6 in which said first control set contains 
controls governing the price to be used for a transaction. 

299. A system as in claim 6 in which said first control set contains 
controls governing the auditing method to be used for a transaction. 

300. A system as in claim 6 in which said first control set contains 
controls governing the identity of the clearinghouse to be used for a 
transaction. 

301 . A system as in claim 6 in which said first control set contains 
controls governing the information to be disclosed in a transaction. 

302. A system as in dajmjl in which said second control set 
contains controls governing the type of payment mechanism to be 
used for a transaction. 

303. A system as in claim 6 in which said second control set 
contains controls governing the price to be used for a transaction. 

304. A system as in claim 6 in which said second control set 
contains controls governing the auditing method to be used for a 
transaction. 

305. A system as in claim 6 in which said second control set 
contains controls governing! the identity of the clearinghouse to be 
used for a transaction. 

306. A system as in cl aim 6 in which said second control set 
contains controls governing the information to be disclosed in a 
transaction. 

307. A system as in claim 6 in which said negotiated control set 
contains controls governing the type of payment mechanism to be 
used for a transaction. 

308. A system as in cl aim 6 in which said negotiated control set 
contains controls governing the price to be used for a transaction. 

309. A system as in claim 6 in which said negotiated control set 
contains controls governing the auditing method to be used for a 
transaction. 

310. A system as in claim 6 in which said negotiated control set 
contains controls governing the identity of the clearinghouse to be 
used for a transaction. 

31 1 . A system as in claim 6 in which said negotiated control set 
contains controls governing the information to be disclosed in a 
transaction. 

312. A method as in claim 9 in which said first secure control set 
contains controls governing the type of payment mechanism to be 
used for a transaction. 
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313. A method as in claim 9 in which said first secure control set 
contains controls governing the price to be used for a transaction. 

314. A method as in claim 9 in which said first secure control set 
contains controls governing the auditing method to be used for a 
transaction. 

31 5. A method as in claim 9 in which said first secure control set 
governing the identity of the clearinghouse to be used for a 
transaction. 

316. A method as in claim 9 in which said first secure control set 
contains controls governing the information to be disclosed in a 
transaction. 

317. A method as in claim 9 in which said second secure control 
set contains controls governing the type of payment mechanism to 
be used for a transaction. 

318. A method as in c laim 9 in which said second secure control 
set contains controls governing the price to be used for a 
transaction. 

319. A method as in claim 9 in which said second secure control 
set contains controls governing the auditing method to be used for a 
transaction. 

320. A method as in claim 9 in which said second secure control 
set governing the identify of the clearinghouse to be used for a 
transaction. 

321 . A method as in claim 9 in which said second secure control 
set contains controls governing the information to be disclosed in a 
transaction. 

322. A method as in claim 9 in which said negotiated control set 
contains controls governing the type of payment mechanism to be 
used for a transaction. 

323. A method as in claim 9 in which said negotiated control set 
contains controls governing the price to be used for a transaction. 

324. A method as in claim 9 in which said negotiated control set 
contains controls governing the auditing method to be used for a 
transaction. 

325. A method as in claim 9 in which said negotiated control set 
governing the identity of the clearinghouse to be used for a 
transaction. 

326. A method as in cl a im 9 in which said negotiated control set 
contains controls governing the information to be disclosed in a 
transaction. 

327. A method as in claim 1 in which said protected processing 
environment is located at a first site, and said first site includes an 
operating system based on or compatible with Microsoft Windows. 

328. A method as in claim 327 in which said step of performing 
and producing are carried out, at least in part, by software contained 
within said operating system. 

329. A system as in c la im 2 in which said means for creating a 
first secure control set includes an operating system based on or 
compatible with Microsoft Windows. 

330. A system as in claim 2 in which said means for creating a 
second secure control set iridudes an operating system based on or 
compatible with Microsoft Windows. 

331 . A system as in claim 2 in which said means at said second 
location for securely integrating said first and second control sets 
includes an operating system based on or compatible with Microsoft 
Windows. 

332. A system as in claim 3 in which said means for creating a 
first secure control set includes an operating system based on or 
compatible with Microsoft Windows. 

333. A system as in claim 3 in which said means for creating a 
second secure control set includes an operating system based on or 
compatible with Microsoft Windows. 

334. A system as in claim 3 in which said negotiation means 
includes an operating system based on or compatible with Microsoft 
Windows. 

335. A system as in claim 6 in which said protected processing 
environment includes an operating system based on or compatible 
with Microsoft Windows. 
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336. A method as in claim 9 in which said first location includes a 
first operating system based on or compatible with Microsoft 
Windows. 

337. A method as in claim 336 in which said second location 
includes a second operating system based on or compatible with 
Microsoft Windows. 

338. A method as in claim 336 in which said step of creating a 
first secure control is carried out at least in part by software 
incorporated in said first operating system. 

339. A method as in claim 337 in which said step of creating a 
second secure control is carried out at least in part by software 
incorporated in said second operating system. 

340. A method as in claim 337 in which said step of electronically 
negotiating is carried out at least in part by software incorporated in 
said second operating system. 

341 . A method as in claim 1 further comprising said negotiated 
control set governing the use of digital information. 

342. A method as in claim 1 further comprising said negotiated 
control set governing the execution of at least one load module. 

343. A method as in claim 1 further comprising said negotiated 
control set governing the execution of at least one method. 

344. A method as in claim.! further comprising said negotiated 
control set governing the "execution of at least one other control set 
different from said first control set, said second control set and said 
negotiated control set. 

345. A system as in claim 2 further comprising means by which 
said third control set governs the use of digital information. 

346. A system as in claim 2 further comprising means by which 
said third control set governs the execution of at least one load 
module. 

347. A system as in claim 2 farther comprising means by which 
said third control set governs the execution of at least one method. 

348. A system as in claim 2 further comprising means by which 
said third control set governs the execution of at least one 
transaction. 

349. A system as in claim 2 further comprising means by which 
said third control set governs the execution of at least one 
procedure. 

350. A system as in c laim 2 further comprising means by which 
said third control set governs "the execution of at least one other 
control set different from said first control set, said second control 
set and said third control set. 

351 . A system as in clai m 3 further comprising means by which 
said electronic contract governs the use of digital information. 

352. A system as in claim 3 further comprising means by which 
said electronic contract governs the execution of at least one load 
module. 

353. A system as in claim 3 further comprising means by which 
said electronic contract governs the execution of at least one 
method. 

354. A system as in claim 3 further comprising means by which 
said electronic contract governs the execution of at least one 
transaction. 

355. A system as in c!aim3 further comprising means by which 
said electronic contract governs the execution of at least one 
procedure. 

356. A system as in claim 3 further comprising means by which 
said electronic contract governs the execution of a third control set 
different from said first control set and said second control set. 

357. A system as in claim 6 further comprising means by which 
said negotiated control set governs the use of digital information. 

358. A system as in claim 6 further comprising means by which 
said negotiated control set governs the execution of at least one 
load module. 

359. A system as in c laim 6 further comprising means by which 
said negotiated control set governs the execution of at least one 
method. 

360. A system as in claim 6 further comprising means by which 
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said negotiated control set governs the execution of at least one 
transaction. 

361 . A system as in claim 6 further comprising means by which 
said negotiated control set governs the execution of at least one 
procedure. 

362. A system as in claim 6 further comprising means by which 
said negotiated control set governs the execution of a third control 
set different from said first control set and said second control set. 

363. A method as in claim 9 further comprising said electronic 
contract governing the use of digital information. 

364. A method as in claim 9 further comprising said electronic 
contract governing the execution of at least one load module. 

365. A method as in claim 9 further comprising said electronic 
contract governing the execution of at least one method. 

366. A method as in claim 9 further comprising said electronic 
contract governing the execution of at least one transaction. 

367. A method as in c laim 9 further comprising said electronic 
contract governing the execution of at least one procedure. 

368. A method as in claim 9 further comprising said electronic 
contract governing the execution of at least one other control set 
different from said first control set, said second control set and said 
negotiated control set. 

369. A method for securely managing electronic negotiations 
related to electronic commerce value chain activities including: 

• employing a first protected processing environment to 
securely specify rules and/or controls for managing an 
electronic commerce process; 

• securely making said specified rules and/or controls available 
to a second protected processing environment, located 
remotely from said first protected processing environment; 

• employing said second protected processing environment to 
further securely specify rules and/or controls for managing at 
least one commerce process related to the common 
commercial interests of at least two parties; 

• employing said second protected processing environment to 
securely electronically negotiate at least one aggregate rules 
and/or controls set representing the electronic interests of 
said at least two parties; and 

• employing a protected processing environment to manage 
said electronic commerce process consistent with at least a 
portion of said aggregate rules and/or controls set. 

370. A system for securely managing electronic negotiations 
related to electronic commerce value chain activities including: 

• a first protected processing environment associated with a 
first party, for securely specifying rules and/or controls for 
managing an electronic commerce process, and for securely 
making said specified rules and/or controls available to a 
second party; 

• a second protected processing environment associated with 
a second party different from said first party, for 

• further securely specifying rules and/or controls, including 
means for managing at least one commerce process related 
to the common commercial interests of said first party and 
said second party; 

• securely electronically negotiating at least one aggregate 
rules and/or controls set representing the electronic interests 
of both said first party and said second party; and 

• managing said electronic commerce process consistent with 
said at least a portion of said aggregate rules and/or controls 
set. 
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371 . A system for negotiating electronic contracts, comprising: 

• a storage arrangement that stores a first control set received 
from a remote site, and stores a second control set; 

• a protected processing environment, coupled to said storage 
arrangement, that: 

• performs an electronic negotiation between said first control 
set and said second control set, 

• provides interaction between said first and second control 
sets, and 

• produces negotiated control information resulting from said 
interaction between said first and second control sets. 

372. A system as in claim 371 further including means for 
electronically enforcing said negotiated control set. 

373. A system as in claim 371 further including means for 
generating an electronic contract based on said negotiated control 
set. 

374. A system as in claim 3 in which said electronic contract is 
contained, at least in part, in a User Rights Table. 

375. A method as in claim 9 in which said electronic contract is 
contained, at least in part, in a User Rights Table. 
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